Allow the OTR private key to be cached. Updates #111

This commit is contained in:
JC Brand 2014-01-31 18:07:44 +02:00
parent 5406df1bc7
commit d0f023dbb1
3 changed files with 64 additions and 38 deletions

View File

@ -135,6 +135,7 @@
this.auto_list_rooms = false;
this.auto_subscribe = false;
this.bosh_service_url = undefined; // The BOSH connection manager URL.
this.cache_otr_key = false;
this.debug = false;
this.hide_muc_server = false;
this.i18n = locales.en;
@ -159,6 +160,7 @@
'auto_list_rooms',
'auto_subscribe',
'bosh_service_url',
'cache_otr_key',
'connection',
'debug',
'fullname',
@ -167,11 +169,11 @@
'jid',
'prebind',
'rid',
'show_call_button',
'show_controlbox_by_default',
'show_emoticons',
'show_only_online_users',
'show_toolbar',
'show_call_button',
'sid',
'use_vcards',
'xhr_custom_status',
@ -528,30 +530,56 @@
}
},
getSessionPassphrase: function () {
return converse.prebind ? converse.connection.jid : converse.connection.pass;
},
generatePrivateKey: function (callback, instance_tag) {
var cipher = CryptoJS.lib.PasswordBasedCipher;
var key = new DSA();
if (converse.cache_otr_key) {
pass = this.getSessionPassphrase();
if (typeof pass !== "undefined") {
// Encrypt the key and set in sessionStorage. Also store instance tag.
window.sessionStorage[hex_sha1(this.id+'priv_key')] =
cipher.encrypt(CryptoJS.algo.AES, key.packPrivate(), pass).toString();
window.sessionStorage[hex_sha1(this.id+'instance_tag')] = instance_tag;
this.save({'pass_check': cipher.encrypt(CryptoJS.algo.AES, 'match', pass).toString()});
}
}
this.trigger('showHelpMessages', [__('Private key generated.')], null, false);
callback({
'key': key,
'instance_tag': instance_tag
});
},
getSession: function (callback) {
// FIXME: sessionStorage is not supported in IE < 8. Perhaps a
// user alert is required here...
var result, pass, instance_tag, saved_key;
var cipher = CryptoJS.lib.PasswordBasedCipher;
if (typeof converse.connection.pass !== "undefined") {
instance_tag = window.sessionStorage[hex_sha1(this.id+'instance_tag')];
saved_key = window.sessionStorage[hex_sha1(this.id+'priv_key')];
pass = converse.connection.pass;
var pass_check = this.get('pass_check');
if (saved_key && instance_tag && typeof pass_check !== 'undefined') {
var decrypted = cipher.decrypt(CryptoJS.algo.AES, saved_key, pass);
var key = DSA.parsePrivate(decrypted.toString(CryptoJS.enc.Latin1));
if (cipher.decrypt(CryptoJS.algo.AES, pass_check, pass).toString(CryptoJS.enc.Latin1) === 'match') {
// Verified that the user's password is still the same
this.trigger('showHelpMessages', [__('Re-establishing encrypted session')]);
callback({
'key': key,
'instance_tag': instance_tag
});
var result, pass, instance_tag, saved_key;
if (converse.cache_otr_key) {
pass = this.getSessionPassphrase();
if (typeof pass !== "undefined") {
instance_tag = window.sessionStorage[hex_sha1(this.id+'instance_tag')];
saved_key = window.sessionStorage[hex_sha1(this.id+'priv_key')];
var pass_check = this.get('pass_check');
if (saved_key && instance_tag && typeof pass_check !== 'undefined') {
var decrypted = cipher.decrypt(CryptoJS.algo.AES, saved_key, pass);
var key = DSA.parsePrivate(decrypted.toString(CryptoJS.enc.Latin1));
if (cipher.decrypt(CryptoJS.algo.AES, pass_check, pass).toString(CryptoJS.enc.Latin1) === 'match') {
// Verified that the passphrase is still the same
this.trigger('showHelpMessages', [__('Re-establishing encrypted session')]);
callback({
'key': key,
'instance_tag': instance_tag
});
return; // Our work is done here
}
}
}
}
// We need to generate a new key and instance tag
instance_tag = OTR.makeInstanceTag();
this.trigger('showHelpMessages', [
@ -560,25 +588,7 @@
null,
true // show spinner
);
var clb = callback;
setTimeout($.proxy(function () {
var key = new DSA();
if (typeof converse.connection.pass !== "undefined") {
// Encrypt the key and set in sessionStorage. Also store
// instance tag
window.sessionStorage[hex_sha1(this.id+'priv_key')] =
cipher.encrypt(CryptoJS.algo.AES, key.packPrivate(), pass).toString();
window.sessionStorage[hex_sha1(this.id+'instance_tag')] = instance_tag;
this.save({'pass_check': cipher.encrypt(CryptoJS.algo.AES, 'match', pass).toString()});
}
this.trigger('showHelpMessages', [__('Private key generated.')], null, false);
clb({
'key': key,
'instance_tag': instance_tag
});
}, this), 500);
setTimeout($.proxy(this.generatePrivateKey, this), 500, callback, instance_tag);
},
updateOTRStatus: function (state) {

View File

@ -6,6 +6,7 @@ Unreleased
* Option to display a call button in the chatbox toolbar, to allow third-party libraries to provide a calling feature. [Aupajo]
* #108 Japanese Translations [mako09]
* #111 OTR not working when using converse.js with prebinding. [jseidl, jcbrand]
* #114 Hewbrew Translations [GreenLunar]
* #115 Indonesian Translations [priyadi]

View File

@ -306,7 +306,6 @@ Facebook integration
this myself. Feedback and patches from people who have succesfully done this
will be appreciated.
Converse.js uses `Strophe.js <http://strophe.im/strophejs>`_ to connect and
communicate with the XMPP server. One nice thing about Strophe.js is that it
can be extended via `plugins <http://github.com/strophe/strophejs-plugins>`_.
@ -763,6 +762,22 @@ a middle man between HTTP and XMPP.
See `here <http://metajack.im/2008/09/08/which-bosh-server-do-you-need>`_ for more information.
cache_otr_key
-------------
Default = ``false``
Let the `OTR (Off-the-record encryption) <https://otr.cypherpunks.ca>`_ private
key be cached in your browser's session storage.
The browser's session storage persists across page loads but is deleted once
the tab or window is closed.
If this options is set to ``false``, a new OTR private key will be generated
for each page load. While more inconvenient, this is a much more secure option.
This setting can only be used together with ``allow_otr = true``.
debug
-----